I am sharing my CISSP journey (which was quite challenging in its own way) with you. My motive to get CISSP was not to change job or get a salary hike. I am quite happy with my current job & will continue it for some more time. I just wanted to challenge myself with something which is assumed to be tough.
A very big Thanks to My family members, Luke Ahmed, Ahmed Khatib & some wonderful people on SNT & Telegram Group. You guys really rock !!
First of all let me share my background as it did help me in some domains. I have total 11+ years of experience in security field. I have hands on experience on switching, routing, wireless, voice, Network security, Application Security, SIEM & VA-PT solutions. My journey started six months back.
I would say it wasn’t a really good decision as I had a 4 months baby at home. Me & my wife both are working & have to take care of the little one.
Study materials used
• CISSP (ISC)2-CISSP Sybex Official Study Guide 7th Editiion
• Cybrary -Kelly Handerhan video
• CISSP CBK 4TH EDITION – Only Q & A
• CISSP AIO 7th.Edition-Shon Harris For Referring few Topics
• CISSP Official (ISC)2 Practice Tests - Mike Chapple & David Seidl
• Luke's video and Practice Q & A
• SkillSet Free Q & A
• Ucertify All Questions
• McGraw-Hill CISSP Practice Exams
• AIO Total Tester- Customized 50 question test from each domain.
• Some Youtube videos on certain topics.
• Studied for 6 months (3 months ON-Off, 3 Months dedicated). First 3 months I was able to study 2 hours a day, next 2 months 4 hours a day, last one month almost 7 hours a day (Morning 4 AM-7AM, Evening 5 PM-9 PM). I was not getting full concentration at home on weekends because of the little one, so I used to go to the office & sit & study whole day with full concentration. So office cubical was my favorite place to study after office hours & weekends.
• I started with Sybex 7th Edition. I made a tracker & assigned each day some 20 pages. I also took questions after each chapter. It took around 2 months to run through the book.
• Then I completed Cybrary video course & took notes out of it.
• Next I went through Sybex once again, this time taking hand written notes. It took around 3 months to complete sybex. In between I used to check many YouTube sources to clear some topics. Also consulted Shon Harris for some topics like Access control, BCP & SDLC.
• Last one moth I joined SNT & did lot of practice questions. Also got access to an awesome Telegram group which is active 24X7.
• McGraw-Hill CISSP Practice Exams were my first target & I completed all tests with a 75+ scores. Except 5th & 6th domain. So I got a clarity where I need to put more efforts.
• I completed all videos and study material provided on SNT. I would say most of the concepts got clear with the awesome videos. I mailed Luke on few occasions to clarify few topics & got positive response within hours.
• I paid extra attention on 5th & 6th domain. Took practice questions from different resources.
• Last 15 days were dedicated to final evaluation using Sybex official question bank. Did quite well with all domains. Did both full mock tests, scored 79% & 80% in both which made me book the exam. Marked & studied the topics I went wrong in these tests.
• Had some personal commitments after 29th Sep, so wanted to complete the test before that. Tried to book the test in my local center but no date was available. So booked my test for 27th Sep 2017 in a distant place.
Exam was at 2: 30 PM. Had a nice 8 hours sleep & got up at 8 AM in the morning. Did my breakfast & played with my little one for good 30 minutes. Revised few of my handwritten notes till 12 PM. Had my lunch & left for the test center at 12:30 PM. Reached one hour before the exam. I was quite positive & confident before I enter the exam center.
Exam center was not at all up to my expectations. (No cafeteria, no washroom inside the center) Deposited my belongings in the locker & enrolled my biometric details at the reception.
Exam started & within 1 hour my confidence started shattering. In one hour I just completed 42 questions.
I took a 5 minutes break went to the bathroom & reminded myself why I want CISSP & what I have gone through in last 6 months, regained myself & went back. I took total 5 breaks & every time I reminded myself to fight for next 50 questions.I had t read some question thrice or more than that just t understand what is being asked. I completed all 250 questions in 5 hours & 10 minutes.
I had flagged some 40 questions, reviewed them & yes I changed around 5 answers. 10 minutes were left & I waited for 3 more minutes to go (as 7 is my lucky number). Clicked End exam when 7 minutes were left. At this time I was not sure how I have done in the exam but was satisfied that I have given my best in last 6 months & last 6 hours.
Finally, when the printout said Congratulations – I had tears in my eyes for the very first time. But these tears were definitely worth it !!
Few Suggestions to the Exam Takers: (Learnt from My mistakes)
1. Book the exam as early as possible. It really makes you more focused
2. Start your study with a Video resource like Cybrary which gives you an overview of the content you need to master in your entire CISSP journey.
3. Set a realistic exam date based on your personal & professional life otherwise you will end up burning yourself like I did.
4. Keep one Practice Test Resource for the final evaluation, you tend to remember questions if you use the same resource again n again & will not get real evaluation.
5. It is said that CISSP is inch deep but I would suggest get detailed information about the topics. For example if its WAN protocol learn why it is used, which protocol was replaced by it & why. Does it use Authentication, What type of authentication it uses etc.
6. No one book covers all the topics which you will see in the exam. So try to refer more than one study resource.
7. Even if you are 100 % ready, exam will not look easy, be mentally prepared to fight & win from each question. These final 6 hours really count.
8. Inter-domain knowledge is must. In the scenario based questions they may include more than one domain.